With the recent publication of the Global Cybersecurity Index (GCI) by the International Telecommunication Union (ITU) – a specialised United Nations agency for information and communication technologies (ICT) – Malaysia can target becoming a cybersecurity hub in Southeast Asia. According to the new report, the country ranks joint 5th out of 194 countries and has a global score of 98.06. The nearest countries on the list from the region are Singapore in 4th with a 98.52 score, and Indonesia and Vietnam, currently ranked 24th and 25th, with 94.88 and 94.59, respectively.

The GCI survey analysed countries’ cybersecurity positions, gaps, and practices to help them improve their approaches. It also highlighted measures taken by leaders to boost their cyber capacities and address the ever-evolving online risks. The researchers received 150 questionnaires mapping five pillars for evaluation: cyber laws, national strategies, capacity building, cooperation, and technical measures.

Since 2014, Malaysia has established itself as one of the most prepared nations in relation to cybersecurity. Eight years later, the GCI report shows the country is strong in legal, cooperative, and capacity development measures but needs to improve its technical and organisational approaches. The cybersecurity trends in Malaysia and the rest of the world show that countries will face many technological challenges in the years to come.

Cybersecurity challenges facing Malaysia

One of the primary challenges is increasing cybersecurity vulnerabilities because of new technology like the Internet of Things (IoT). Moreover, the shift to telecommuting because of the COVID-19 crisis opens up the possibility of computer viruses and malware, which pose a significant threat to data safety.

Raymond Hor, Managing Director, Orbit Malaysia shares how the early-stage startup scene in Malaysia is poised for growth

Secondly, ransomware has become a popular tool for hackers as it facilitates encrypting stolen data and obtaining financial rewards from the victims in exchange. In the first half of 2021, cybersecurity giant Trend Micro stopped 40.9 billion email threats, malicious files and dangerous links, while malware surged by 160% to 6.60 million.

Many areas are lagging, especially in individual and critical infrastructure protection. Cybercriminals and hostile nations are targeting multiple sectors, from finance, energy, health, and others, to undermine or harm the country. In addition, there is an inadequate lack of cybersecurity skills training for sector-specific solutions.

The last issue is the rising population in Malaysia and their increased digital services usage, which puts them at risk on the internet. The eConomy 2020 report by Google, Temasek, and Bain & Company found that citizens were spending more time online than before the pandemic, and they intended to continue using online services going forward.

Areas to improve to become a cybersecurity hub

According to the Digital Trust Insights Survey 2021 by PriceWaterhouseCoopers (PWC), 70% of the respondents said they would change their cybersecurity strategy because of COVID-19. People working from home endure privacy concerns, untold risks when transferring documents, and the potential theft of their identities or office credentials. Solving these vulnerabilities keeps the company and its employees safe.

Furthermore, organisations are looking to invest more to boost their cyber resilience, with 63% of respondents thinking of new ways to budget for online safety activities.

The survey highlighted the shortage of cybersecurity talent in the market, with 64% confirming they would add to their cybersecurity team numbers within the next 12 months. The most sought-after skills included online security knowledge and data analysis and management. In addition, companies can focus on upskilling their employees to meet the demand for talent in cyber safety.

Significant investment should be directed toward CyberSecurity Malaysia, an agency under the Ministry of Communications and Multimedia Malaysia. The agency promotes innovations and initiatives to protect digital systems from various dangers. It also handles online security responses, outreach, capacity development, and industry research. 

The country should continue its CyberSecurity Strategy approach, which outlines areas requiring improvement to mitigate threats when browsing online. Malaysia passed the National Cyber Security Policy (NCSP) in 2006 to defend the Critical National Information Infrastructure (CNII). Moreover, it set up the National Cyber Security Agency (NACSA) to tackle sophisticated global cybersecurity risks that cause socio-economic damage.

Finally, Malaysia’s National Cyber Crisis Exercise, otherwise known as X-Maya, tests the crisis management plans’ effectiveness to cope with cybersecurity threats. Thus far, there have been six annual exercises to check the country’s readiness in dealing with dangerous online incidents.

There is a pressing need to enhance cyber capacities worldwide as nations transform into digital economies. The cybersecurity trends in Malaysia indicate that the country is already ahead of the curve in implementing vital policies and regulations, which will keep its citizens safe online. Risks remain in investment shortages, inadequate laws, and a vulnerable populace.

Regardless, Malaysia has done enough to position itself as a cybersecurity hub in Southeast Asia. It will take a lot of time, strategy, and investment for other countries in the region to catch up.